A new viral campaign that infects computers and uses them as Bitcoin mining bots has been spotted recently on Facebook.

The virus is spread through Facebook private messages, generally received from one of the victim’s trusted friends. The victim receives a message that reads “hahaha”, along with an attached archive file called 1IMAG00953.zip. Once opened, the archive appears to contain a legitimate .jpg image file; however, further investigation has shown that the file is actually a Java application that is executed as soon as the user clicks it.

The application downloads DLL files from a Dropbox account, connects to its command and control servers and then downloads shellcode that is injected into Windows Explorer. This allows the attacker to gain control of the computer and load additional files that embed a Bitcoin miner onto the system, immediately putting the victim’s CPU to work making money for the attacker.

To avoid being compromised, do not open unknown links, files or messages from any source on Facebook, the Internet, or your mobile phone.
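A defender-side check for the disguise described above, as an added example that is not part of the original article: it walks the members of a ZIP attachment and flags any whose content does not match the type its name claims. The sample archive and its member names are constructed for illustration.

```python
import io
import posixpath
import zipfile

# Leading bytes ("magic numbers") of the file types this check knows about.
MAGIC = {
    "jpeg": b"\xff\xd8\xff",
    "png": b"\x89PNG\r\n\x1a\n",
    "zip": b"PK\x03\x04",  # JAR files are ZIP archives and share this header
    "pe": b"MZ",           # Windows EXE and DLL
}
IMAGE_EXT = {".jpg": "jpeg", ".jpeg": "jpeg", ".png": "png"}
RISKY_EXT = {".jar", ".exe", ".scr", ".js", ".vbs", ".bat", ".cmd"}
MAX_MEMBER = 20 * 1024 * 1024  # do not unpack members larger than this


def sniff(data):
    """Return the type indicated by the leading bytes, or None."""
    for kind, magic in MAGIC.items():
        if data.startswith(magic):
            return kind
    return None


def is_jar(data):
    """A JAR is a ZIP archive that carries META-INF/MANIFEST.MF."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as inner:
            return "META-INF/MANIFEST.MF" in inner.namelist()
    except zipfile.BadZipFile:
        return False


def inspect_attachment(zip_bytes):
    """Return {member name: [reasons]} for suspicious members of a ZIP."""
    findings = {}
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as archive:
        for info in archive.infolist():
            if info.is_dir():
                continue
            if info.file_size > MAX_MEMBER:
                findings[info.filename] = ["too large to inspect"]
                continue
            data = archive.read(info)
            base = posixpath.basename(info.filename).lower()
            stem, ext = posixpath.splitext(base)
            kind = sniff(data)
            reasons = []
            if ext in RISKY_EXT:
                reasons.append("executable extension " + ext)
            # photo.jpg.jar looks like photo.jpg when extensions are hidden.
            if posixpath.splitext(stem)[1] in IMAGE_EXT:
                reasons.append("image extension followed by a second extension")
            claimed = IMAGE_EXT.get(ext)
            if claimed and kind != claimed:
                reasons.append("named as %s but content is %s"
                               % (claimed, kind or "unknown"))
            if kind == "zip" and is_jar(data):
                reasons.append("content is a Java archive (JAR)")
            elif kind == "pe":
                reasons.append("content is a Windows executable")
            if reasons:
                findings[info.filename] = reasons
    return findings


def build_sample():
    """Constructed archive: one JPEG header and two JARs with image-like names."""
    jar = io.BytesIO()
    with zipfile.ZipFile(jar, "w") as z:
        z.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\n")
    outer = io.BytesIO()
    with zipfile.ZipFile(outer, "w") as z:
        z.writestr("holiday.jpg", b"\xff\xd8\xff\xe0" + b"\x00" * 32)
        z.writestr("IMG_0001.jpg", jar.getvalue())
        z.writestr("IMG_0002.jpg.jar", jar.getvalue())
    return outer.getvalue()


if __name__ == "__main__":
    for name, reasons in inspect_attachment(build_sample()).items():
        print(name, "->", "; ".join(reasons))
```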

–

Chris Dougherty is a grey hat hacker and online security expert. Please visit his blog, www.VirtualThreat.com, for more excellent news and information about protecting yourself in cyberspace.

This article is offered under Creative Commons license. It’s okay to republish it anywhere as long as attribution bio is included and all links remain intact.

These days we store huge amounts of data online. Individuals, schools, businesses and other organizations upload everything from corporate documents to private personal files using online cloud storage services.

With recent revelations about the NSA tapping into cloud-based giants like Yahoo and Google, it is becoming increasingly important for cloud storage users to take additional steps to secure their data. You can no longer blindly trust that your service provider is keeping your data secured and locked away from prying eyes. Networks get attacked, servers compromised and information is leaked. It happens all the time.

Recently I ran across a piece of software that claims to offer a solution to this problem. SkyCrypt is a new cloud storage encryption product from the folks over at DataLocker, a manufacturer of encrypted storage solutions for military, finance, healthcare and government applications.

SkyCrypt by DataLocker

With SkyCrypt, your private data is secured using FIPS 140-2 validated, 256-bit AES encryption prior to being uploaded to your cloud storage account. Currently the software has built-in support for Dropbox, Google Drive, SkyDrive (OneDrive), Bitcasa and Box.com. You can also use SkyCrypt with other network-attached drives, local drives, and USB storage devices.

SkyCrypt Cloud Storage Supported Services

The SkyCrypt software uses a zero knowledge design, meaning you always have possession of the encryption keys instead of the cloud storage provider. The only thing stored on your cloud storage account is the secure, 256-bit AES encrypted data. In the event your cloud service provider is hacked, or your personal login details are compromised, your files are always kept safe and secure.

Cloud storage users only need to go through an easy 3-step process in order to start securing their files immediately.

SkyCrypt also supports encrypted file names and Google’s 2-factor authentication in addition to providing defense against brute force attacks. Currently the software is only available for Windows platforms. However, Mac, iOS and Android versions are in development and expected soon.

Summary: If you want to ensure your data stored in the cloud is truly secured against hackers and nosy government types, download SkyCrypt today and experience true peace of mind. “SkyCrypt is Simply Secure”

Steve Wozniak, Co-Founder of Apple, says companies that depend on cloud storage have left themselves open to the prying eyes of intelligence agencies like the NSA. Wozniak expressed sympathy for companies that are at odds with the surveillance tactics of these agencies, but he also added that industry reliance on cloud services is a major part of the problem.

“I think most companies, just like Apple, start out young and idealistic,” Wozniak said at the AWNA convention in San Francisco. “But now all these companies are going to the cloud. And with the cloud you don’t have any control.”

Technology companies are already on the defensive following other recent disclosures about NSA spying in the cloud. In November VirtualThreat reported that the NSA and the British Government Communications Headquarters (GCHQ) had worked together to infiltrate data centers operated by Google and Yahoo. The spy agencies targeted information as it moved over fiber-optic connections between cloud storage centers.

“We don’t have any strong regulations or principles,” Wozniak suggested, when addressing the scope of surveillance conducted by government agencies. He said when he was younger he could accept the idea of wiretapping a person suspected of illegal activities, but he went on to say that today’s tactics are a completely different story.

If you plan to upload your valuable data to a cloud storage provider, you need to “NSA-Proof” your data in advance by encrypting it with a FIPS 140-2 validated AES encryption routine. While not 100% guaranteed to stop government agency spies, it will definitely stop your average hacker.

–

A recent string of high-profile attacks, including the breach against Yahoo Mail servers, has been the focus of technology media outlets over the past few weeks. It appears that no cloud-based service is safe from malicious hackers these days.

Google’s Gmail is another hugely popular free email service with hundreds of millions of users. Almost everyone I know has a Gmail account. You need to remember that this one Google account, and its login details, are used for all of Google’s services, not just Gmail. This account is used for YouTube, Google Drive and all of your Android devices, among other things.

With so much data available through this one account, hackers are always on the lookout for a way in. The majority of people don’t use secure passwords, so breaking into your email is unfortunately not much of a challenge for most hackers. Fortunately, Google provides a couple of simple methods to find out if anyone else has been accessing your account. This way, you can find out if you’ve been hacked prior to receiving all of those email replies from your friends asking why you are sending them links to Viagra sites and malware-infected videos of Superbowl ads.

Google Security Settings

To see who has been accessing your account, go to the Google Security Settings page and click on the link under “Recent Activity” that says “View All Events”. This will take you to a list showing the times, locations and IP addresses of anyone accessing your account. There is even a map showing the originating location for each access event.

Let’s hope your recent activity page doesn’t look like this one (err…unless of course you are indeed from Romania or Germany).

Google Recent Activity

Gmail offers a similar “Recent Activity” service that you can access directly from your inbox. To use this security feature, simply scroll to the bottom of your inbox at Gmail.com. On the right side of the page, you’ll see a message that says Last account activity: X minutes/hours/days ago. Beneath that line, you’ll see a link that says “Details.”

Gmail Recent Activity

Clicking the “Details” link will take you to a list showing all recent access to your account. In the image below, you can see that this user typically logs in from California. However, there is one entry showing a login from Poland. This is a pretty good indicator that this account has been compromised. If you notice activity that doesn’t look familiar, you need to change your password immediately! You may even want to consider enabling Google’s 2-Step Verification feature on your account for added security.

Gmail Suspicious Activity
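The same review done over an exported activity list, as an added example that is not part of the original article: it flags logins from locations that make up only a small share of the history, and location changes that happen faster than travel would allow. The CSV layout, the thresholds and every row are constructed assumptions modeled on the “Details” list (access type, location, IP address, time).

```python
import csv
import io
from collections import Counter
from datetime import datetime, timedelta

# Constructed sample rows; the IP addresses come from documentation ranges.
SAMPLE_ACTIVITY = """\
access_type,location,ip,time
Browser,United States (CA),198.51.100.24,2014-02-01 08:12
Mobile,United States (CA),198.51.100.31,2014-02-01 12:47
Browser,United States (CA),198.51.100.24,2014-02-02 09:03
Browser,United States (CA),198.51.100.24,2014-02-03 08:55
Mobile,United States (CA),198.51.100.31,2014-02-03 21:40
POP3,Poland,203.0.113.77,2014-02-03 22:05
Browser,United States (CA),198.51.100.24,2014-02-04 08:10
Browser,United States (CA),198.51.100.24,2014-02-05 08:20
"""


def parse_activity(text):
    """Parse the CSV into a list of dicts sorted by login time."""
    events = []
    for row in csv.DictReader(io.StringIO(text)):
        row["time"] = datetime.strptime(row["time"], "%Y-%m-%d %H:%M")
        events.append(row)
    return sorted(events, key=lambda e: e["time"])


def unfamiliar_logins(events, min_share=0.2):
    """Events from locations seen in less than min_share of all logins."""
    counts = Counter(e["location"] for e in events)
    total = len(events)
    return [e for e in events if counts[e["location"]] / total < min_share]


def rapid_location_changes(events, window=timedelta(hours=2)):
    """Consecutive logins from different locations within the window."""
    pairs = []
    for prev, cur in zip(events, events[1:]):
        moved = prev["location"] != cur["location"]
        if moved and cur["time"] - prev["time"] <= window:
            pairs.append((prev, cur))
    return pairs


if __name__ == "__main__":
    history = parse_activity(SAMPLE_ACTIVITY)
    for e in unfamiliar_logins(history):
        print("unfamiliar location:", e["time"], e["access_type"],
              e["location"], e["ip"])
    for prev, cur in rapid_location_changes(history):
        print("location changed within 2h:", prev["location"], "->",
              cur["location"], "at", cur["time"])
```

A VPN exit or a mobile carrier gateway can produce the same pattern, so a hit is a reason to review the session list and change the password, not proof of compromise on its own.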

If you use the above information, you can stay a little bit safer online. Get in the habit of checking for suspicious activity on a regular basis. While these “Recent Activity” lists are helpful, they are only really informative after an attacker has gained access to your account. I also recommend enabling Google’s 2-Step Verification on your account. This will add an extra layer of security to your Google cloud, helping keep would-be attackers at bay. If you store files on Google Drive I would also suggest encrypting your files with a product like SkyCrypt.

Stay safe!

–

Hackers briefly vandalized the website of popular mobile game Angry Birds after revelations that its users’ data has been leaked to the NSA. But the app’s Finnish maker has hit out at accusations that it is helping spy agencies.

On Wednesday night, the front page of the website of the game – which has been downloaded a record 1.7 billion times by portable device users – was replaced by a spoof by an anonymous hacker. A cached version of the website was sent to hacking collective Syrian Electronic Army, and displayed the inscription Spying Birds, with the center of the screen occupied by a trademark irate red avis with an NSA logo on its forehead.

Rovio, the game’s developer, confirmed that the hack, which reportedly lasted for at least an hour and a half, had taken place.
“Unfortunately, last night the Angry Birds website was momentarily defaced, but the situation has been dealt with by our IT security. The end user data was in no risk at any point,” the company said in a statement.

Earlier this week, a fresh batch of documents sourced from whistleblower Edward Snowden and published in the Guardian and the New York Times showed that US and UK intelligence agencies use mobile apps – often innocent programs installed by smartphone users to play games, find directions or meet dates – to track users. Among the data that can be obtained is the user’s name, location, email address, phone number and any other information the app asks, including ethnicity and relationship status. As well as data users willingly submit, the agencies are reportedly also able to collect data that is automatically exchanged between the smartphone and the app server.

Among the documents was a 20-page case study that homed in on Angry Birds, and showed how to extract sensitive data from a game that is ostensibly about throwing birds to destroy pigs hiding in castles.

It appears the private information was not intercepted from Angry Birds itself, but the online ad agencies that it partners with. Since many smartphone applications are free to device owners despite costing millions to develop and maintain, their makers earn revenue by allowing third-party ad agencies to collect the users’ data and bombard them with specially-targeted adverts.

In the wake of the revelations, Rovio has denied any responsibility, and promised to “re-evaluate” its relationship with outside advertisers.

“We do not collaborate, collude, or share data with spy agencies anywhere in the world,” Rovio CEO Mikael Hed said in a statement on the company’s website.
“As the alleged surveillance might be happening through third party advertising networks, the most important conversation to be had is how to ensure user privacy is protected while preventing the negative impact on the whole advertising industry and the countless mobile apps that rely on ad networks.”

Yet Rovio believes that it was merely used as an illustration by the NSA, and even if it halted all contact with advertisers, app users would not be any safer.

“If advertising networks are indeed targeted, it would appear that no internet-enabled device that visits ad-enabled web sites or uses ad-enabled applications is immune to such surveillance,” Rovio said.

Since the latest trove of classified documents became public, NSA and its UK sister agency GCHQ have insisted that they do not spy on or collect data from ordinary app users.

“The communications of people who are not valid foreign intelligence targets are not of interest to the National Security Agency,” said a statement from the American agency.

“Any implication that NSA’s foreign intelligence collection is focused on the smartphone or social media communications of everyday Americans is not true.”

At the same time, neither agency has denied the existence of interception techniques outlined in the leaks.

Mobile Carrier makes announcement that it will offer unlimited cloud storage service to its wireless customers for $5 a month through Pogoplug app.

Sprint has added a new product to its “unlimited services” lineup. Last Monday the company announced that it is now offering unlimited cloud storage from Pogoplug as part of its suite of services.

Sprint wireless customers will receive up to 5GB of cloud storage for free. For an additional $4.99 customers will be upgraded to the unlimited storage option. The additional charge can be billed directly to the customer’s Sprint account.

Customers will need to download the Pogoplug app to their phone or tablet from either the Sprint Zone, the Android Google Play Store, or Apple’s App Store. Once installed, customers can store photos, videos, music and other files in the cloud. Pogoplug also provides automated backups for your digital media. Customers can manage settings that determine if backups should run over Sprint’s data network or only when connected to the internet over WiFi.

The unlimited cloud storage offer is a nice addition for Sprint customers; however, the service is hardly unique to this mobile carrier. The Pogoplug app is already available for all iPhone and Android devices. Customers on other wireless networks can already access the app through the App Store and Google Play. The pricing of the app on other carriers is the same as it is on Sprint’s network. The one difference is that Sprint customers can pay for the cloud storage charges directly through their Sprint bill.

Sprint is one of the last remaining wireless carriers that still offer truly unlimited wireless data plans. Other wireless carriers, like T-Mobile, throttle speeds when customers reach a certain threshold. Sprint however lets its customers consume data to their heart’s content. The new unlimited cloud storage offer is just one more element of Sprint’s strategy to stand out from its competitors.

– – –

Google tracks everything you do, and they are not limited to just tracking you online. The search giant is now developing ways to track users across laptops, tablets and smartphones. They can even follow you right down to the stores you visit and businesses you call from your mobile device.

The new Google AdWords feature, called “Estimated Total Conversions”, is aimed at advertisers that use the platform to serve their ads to you while you browse the internet. The idea behind the new technology is to track a user from the time they are served an advertisement until the time they walk into a brick and mortar store, or shop online, in order to purchase the advertised product. Google uses the following pitch when selling the new feature to advertisers:

People are constantly connected, using multiple devices throughout the day to shop, communicate and stay entertained. A September 2013 study of multi-device consumers found that over 90% move sequentially between several screens for everyday activities like booking a hotel or shopping for electronics.

As consumers are increasingly on the go and switching between devices, marketers are telling us they want to see a more complete and accurate picture of how their online advertising drives conversions. Conversions can come in many forms: visits to stores, phone calls, app downloads, website sales or purchases made after consulting various devices. Getting better insight into these complex purchase paths can help you optimize your online advertising and allocate budget more effectively.

In addition to your web browsing habits, Google is now tracking your call logs, your GPS records, and a list of the devices that you use on a daily basis. This of course includes your mobile phones, tablets, laptops and more. All in the name of targeted advertising and conversion statistics.

Google Adwords “Estimated Total Conversions”

Google has the ability to access many types of user data from Android apps as well as Google branded apps for the Apple iOS including Google search, Gmail, Google Maps and the Chrome web browser. If a person is using any of these apps while they are shopping, or happens to have them running in the background, Google can use that data to pinpoint the user’s location and see if they are in a store or other place of business.

So if you were on your laptop searching for a new television, and you were presented with a Best Buy advertisement in the search results, Google could tell if you walked into, or called, a local Best Buy an hour later to make the purchase. You would only need to have your mobile device along for the ride; Google would be recording the entire process. This would be an example of Google’s “Cross Device Conversion” technology.

Google Cross Device Conversion

Android users give permission for Google to track them in this manner when they opt-in to use “location services” on their smartphone’s Options menu. iPhone users allow this behavior when they agree to allow “location services” for apps like Google Maps and Gmail.

Online tracking is nothing new; however, Google has taken this a step further by continuing its tracking efforts into the real world.

– – –

Bitcoin virtual currency might be more than just a passing fad. In fact, it could be a worthwhile investment, according to experts. The virtual currency was launched in 2008 by an anonymous developer known only as ‘Satoshi Nakamoto’. The creator has since disappeared, leaving a trail of questions about his identity and motives.

Bitcoin is not issued by any government and is not controlled by a central bank or regulators. In contrast to conventional currencies, which offer a theoretically limitless volume, there can only be a specific number of Bitcoins generated worldwide. Critics say this limit is more representative of a commodity than a currency.

The total number of Bitcoins is limited to 21 million; however, there are only 12 million Bitcoins in circulation today. The process of creating new Bitcoins is controlled by a mathematical algorithm that reduces the number of generated Bitcoins each year until the year 2040.

The value of a Bitcoin has nearly tripled since November 1st and today it hit an all-time high of $358.00 on Mt. Gox, the world’s largest Bitcoin exchange. In June of 2010, one Bitcoin was worth $0.004.

Earlier this year, Bitcoin attracted the attention of Tyler and Cameron Winklevoss, the brothers best known for their battle with Mark Zuckerberg over the origins of Facebook. After investing $11m in the virtual currency, they filed paperwork with the SEC to start a fund that would invest in, and track the value of, Bitcoins.

In order to get your hands on this shiny new currency you will have to start by getting a digital Bitcoin wallet, software that allows you to store and trade your Bitcoins. Your digital wallet will give you access to the Bitcoin network and works much like a peer-to-peer file sharing service.

Once you have a digital wallet, you can move on to the next step to get your first Bitcoin. You can purchase coins, “mine” coins, or sell something for payment in Bitcoin. In order to purchase a coin you will need to find an individual or a currency exchange willing to accept your payment method. If you aren’t concerned with anonymity, reputable Bitcoin exchanges typically accept credit cards or PayPal payments. If you want to keep your transaction private, you can meet with a local Bitcoin dealer who is willing to trade Bitcoins for cash, or something else of value.

A coffee shop in Vancouver went live last week with an ATM machine that trades cash for Bitcoin. According to Robocoin, the ATM manufacturer, the machine did over $100,000 worth of business and handled 348 transactions in its first eight days of operation. Jordan Kelley, CEO of Robocoin, said that an estimated 70 percent of the ATM users created new wallets, suggesting they were mostly first-time Bitcoin users.

– – –

If you are the most technical person in your neighborhood, then chances are you have become the local unofficial tech support rep for your circle of friends and family. It doesn’t matter how much, or how little, you know…as long as you are more technically capable than the rest of your family, you will never have to look for extra work in your spare time.

You will help them recover lost files, connect their laptops to printers, clean up malware, and explain to them why the “internet is not working” on their mobile phones or tablets. And when your job is finally finished, you can stand proudly knowing that you are a superhero in their eyes. You are now known as the local computer “Guru”. And that, in today’s web-connected world, makes you a part of the cyber security front line.

Today is as good of a day as any to go back to basics and review a few simple steps that can help make your family a little safer online. At a minimum your goal should be to make things harder for the bad guys, and head off as many tech support phone calls as possible, before they occur.

Take a few minutes and go over the following online security tips with your friends and family. Who knows, you might even get a free lunch or a beer out of the deal.

1. Use Strong Passwords

I have said it again and again. The first step to online security is the use of a strong password. Most experts recommend that you use a password with a minimum of 12 characters. The longer the better, as it is more difficult for an attacker to guess.

Do not use the same password again and again, and don’t use a password that is easy to guess like your birthday or the name of your cat. If possible use a combination of upper and lower case letters, numbers, and special characters like $, % or !. I strongly recommend using my free Secure Password Generator to create a bullet-proof password. It is also important that you do not use the same password on more than one site.

Make sure to store your passwords somewhere safe. Don’t use sticky notes attached to your monitor or keyboard. If you have to write them down it is best to just write clues that will help you remember them, as opposed to writing down the actual passwords. However, a more secure method is to use a password management solution. The combination of an encrypted hard drive AND password management software provides the best solution for keeping your password list safe from hackers and eavesdroppers.
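The rules in this section applied to a list of accounts, as an added example that is not part of the original article and not the author's Secure Password Generator: it audits each password for length, character classes, guessable personal details and reuse across sites, and generates a replacement that passes. The site names, passwords and personal details are constructed.

```python
import secrets
import string

MIN_LENGTH = 12  # minimum length recommended in the text

# Character classes the text asks for, with a test for each.
CLASSES = [
    ("lowercase", str.islower),
    ("uppercase", str.isupper),
    ("digit", str.isdigit),
    ("special", lambda c: not c.isalnum()),
]

# Constructed sample data for illustration only.
SAMPLE_VAULT = {
    "mail.example": "Whiskers1998",
    "bank.example": "Whiskers1998",
    "forum.example": "t7$Lq!x",
    "shop.example": "r8#Vt2!mQz%6Lp",
}
SAMPLE_FACTS = ["whiskers", "1998"]  # cat's name and birth year


def audit(vault, personal_facts):
    """Return {site: [issues]} for every password that breaks a rule."""
    sites_by_password = {}
    for site, password in vault.items():
        sites_by_password.setdefault(password, []).append(site)

    findings = {}
    for site, password in vault.items():
        issues = []
        if len(password) < MIN_LENGTH:
            issues.append("shorter than %d characters" % MIN_LENGTH)
        missing = [name for name, has in CLASSES
                   if not any(has(c) for c in password)]
        if missing:
            issues.append("missing character class: " + ", ".join(missing))
        lowered = password.lower()
        if any(fact and fact.lower() in lowered for fact in personal_facts):
            issues.append("contains a guessable personal detail")
        others = sorted(s for s in sites_by_password[password] if s != site)
        if others:
            issues.append("reused on " + ", ".join(others))
        if issues:
            findings[site] = issues
    return findings


def generate_password(length=16):
    """Random password from the OS CSPRNG containing every class."""
    if length < MIN_LENGTH:
        raise ValueError("length must be at least %d" % MIN_LENGTH)
    alphabet = string.ascii_letters + string.digits + string.punctuation
    while True:
        # Rejection sampling: draw again until every class is present.
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if all(any(has(c) for c in candidate) for _, has in CLASSES):
            return candidate


if __name__ == "__main__":
    for site, issues in audit(SAMPLE_VAULT, SAMPLE_FACTS).items():
        print(site, "->", "; ".join(issues))
    print("replacement:", generate_password())
```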

2. Keep Your System Software Updated

Hackers love to exploit vulnerabilities in applications, operating systems and software drivers. There are entire databases on the web that list all of these vulnerabilities. An attacker only needs to search the databases for a popular software version in order to find a vulnerability that will allow him remote access to your computer. Once they have decided which software and version to exploit, the hackers will use large networks of malware infected computers in order to scan the internet for more targets.

Virus protection software is only as good as its last update. You need to realize that even after you have updated your virus scanner, your web browser, your operating system and other software, the hackers have already started creating new methods to break into your computer.

In order to protect your family network, you need to make certain that you are regularly updating everything on your devices, both mobile and desktop. This needs to be a priority, not an afterthought. There are many open source (Free) products that you can use to automate and keep track of these updates for you. Both Windows and Mac computers have software already built in to keep track of operating system and driver updates.

3. Check Computers for Malware and Viruses

Most computers and mobile devices these days come pre-installed with some sort of virus protection software. However, as I stated above, this software is only as effective as its most recent update.

Check to be sure that your friends and family members are using the most recent virus definition database for their software. If the virus protection software requires a subscription to receive updates, make sure that the subscription is not expired. Once automated updates are enabled you will be one step ahead of the cyber criminals that are seeking access to your computers.

If the computer or mobile device does not already have virus protection installed, help the user select a reputable security suite such as ESET or Lookout Security.

4. Enable WPA or WPA2 Encryption on Home WiFi

If your friends or family members are using an unsecured WiFi connection, or even WiFi with WEP encryption, take a few moments to switch them over to WPA or WPA2 encryption.

You may have already set this up for them in the past; however, it is always possible that someone has done a factory reset of the WiFi router since then. Even if you find that the WPA encryption mechanism is enabled, take this opportunity to change the encryption key, or pass phrase, while you are browsing through the configuration interface.

Many people incorrectly believe that they can just use features on their WiFi router such as hidden ESSIDs and MAC address filtering for security. It is important to note that these features are used for safety NOT security. Please watch the following video to learn more about these mythical security features.

5. Schedule Daily Backups

Even if you do everything right, there is still the chance that you could become the victim of a cyber attack. It is important to remember that your only recourse in the event you are hacked is to restore some sort of backup to recover your files.

Make backup copies of all important documents including photographs, financial information, word documents, legal papers, etc. If possible enable daily backups to run automatically. You should keep backups for at least 7 days before erasing them to make room for new ones.

My suggestion would be to get an encrypted hard drive, share it on your local network so all devices have access to it, then configure your backup software to store files in the one centralized location. For optimum safety you could go a step further and create hard copies of backup files on DVDs prior to deleting them.
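A daily backup job with the 7-day retention described above, as an added example that is not part of the original article: it writes a dated archive, reads it back, and only then removes archives older than the retention window. The archive naming scheme and the directory names are assumptions; the destination is assumed to be the mounted shared drive.

```python
import re
import tarfile
from datetime import date, timedelta
from pathlib import Path

ARCHIVE_RE = re.compile(r"^backup-(\d{4})-(\d{2})-(\d{2})\.tar\.gz$")
KEEP_DAYS = 7  # retention from the text: at least 7 days


def create_backup(source, dest, today):
    """Write backup-YYYY-MM-DD.tar.gz into dest and return its path."""
    source, dest = Path(source), Path(dest)
    dest.mkdir(parents=True, exist_ok=True)
    final = dest / ("backup-%s.tar.gz" % today.isoformat())
    # Write under a temporary name so an interrupted run never leaves a
    # truncated file that looks like a finished backup.
    partial = dest / (final.name + ".partial")
    with tarfile.open(str(partial), "w:gz") as tar:
        tar.add(str(source), arcname=source.name)
    # Read the archive back before trusting it.
    with tarfile.open(str(partial), "r:gz") as tar:
        if not tar.getnames():
            raise RuntimeError("backup archive is empty")
    partial.replace(final)
    return final


def prune(dest, today, keep_days=KEEP_DAYS):
    """Delete archives dated before today - keep_days; return their names."""
    cutoff = today - timedelta(days=keep_days)
    dated = []
    for path in Path(dest).iterdir():
        match = ARCHIVE_RE.match(path.name)
        if not match:
            continue  # leave files this job did not create alone
        try:
            dated.append((date(*map(int, match.groups())), path))
        except ValueError:
            continue  # name matches the pattern but is not a real date
    dated.sort()
    removed = []
    for day, path in dated[:-1]:  # the newest archive is never deleted
        if day < cutoff:
            path.unlink()
            removed.append(path.name)
    return removed


def run_daily(source, dest, today=None):
    """Back up first, prune second, so a failed backup deletes nothing."""
    today = today or date.today()
    archive = create_backup(source, dest, today)
    return archive, prune(dest, today)


if __name__ == "__main__":
    # Hypothetical paths: adjust to the documents folder and the shared drive.
    archive, removed = run_daily("documents", "backups")
    print("wrote", archive, "removed", removed)
```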

– – –

Recently it was leaked that the National Security Agency tapped into primary overseas communication links that connect Yahoo and Google data centers around the world. According to former NSA contractor Edward Snowden, the agency has access to raw data from hundreds of millions of internet users, and many of them are Americans.

This is not the first disclosure from Snowden about NSA operations. Snowden is currently living in Russia after being granted temporary asylum following his release of other top secret NSA documents, including those about another agency surveillance program called PRISM. As expected, the U.S. Government would like to have a word with Mr. Snowden about the theft and unauthorized disclosure of that top-secret information.

According to a Washington Post article, a top-secret accounting dated January 9th 2013 provides evidence that the NSA’s acquisitions directorate sends millions of records every day from Yahoo and Google internal networks to government data warehouses in Fort Meade, MD. In the 30 days prior to the report being released, the report states NSA analysts had processed more than 180 million records. By tapping those pipelines, the agency has access to not only the metadata, which includes information telling who sent what message and when, but analysts also have access to all of the raw data including text, audio and video.

The following slide was taken from a National Security Agency presentation on “Google Cloud Exploitation”. It shows that while most traffic passing from internet users to Google is encrypted, the traffic passing back and forth on the networks connecting Google data centers is in an unencrypted, or “clear text” format.

NSA “Google Cloud Exploitation” Presentation

The primary tool that the NSA uses to infiltrate the data links is called MUSCULAR. The program is operated jointly between the National Security Agency (NSA) and the British Government Communications Headquarters (GCHQ). MUSCULAR allows the agencies to copy raw data flows across fiber-optic lines that carry information between the Google data centers.

It is important to note that this program is different than the previously disclosed PRISM program, which gathers user information through court orders. Instead, the MUSCULAR program targets tech companies and collects user data without their knowledge.

Google’s Chief Legal Officer, David Drummond, said the following in response to the news that the National Security Agency had secretly broken into the main links connecting Google’s data centers:

“We have long been concerned about the possibility of this kind of snooping, which is why we have continued to extend encryption across more and more Google services and links, especially the links in the slide. We do not provide any government, including the U.S. government, with access to our systems. We are outraged at the lengths to which the government seems to have gone to intercept data from our private fiber networks, and it underscores the need for urgent reform.”

However, in the past we have heard stories about Google cooperating with the NSA in joint operations. Last summer VirtualThreat.com posted a story about the Department of Justice asking for a court order to keep the Google and NSA partnership a secret. However, in this case it seems the search giant had no prior knowledge of the NSA’s activity.

In response to the allegations that the NSA had broken into Google’s network the National Security Agency released the following statement:

“NSA has multiple authorities that it uses to accomplish its mission, which is centered on defending the nation. The Washington Post’s assertion that we use Executive Order 12333 collection to get around the limitations imposed by the Foreign Intelligence Surveillance Act and FAA 702 is not true. The assertion that we collect vast quantities of U.S. persons’ data from this type of collection is also not true. NSA applies Attorney General-approved processes to protect the privacy of U.S. persons – minimizing the likelihood of their information in our targeting, collection, processing, exploitation, retention, and dissemination. NSA is a foreign intelligence agency. And we’re focused on discovering and developing intelligence about valid foreign intelligence targets only.”

On October 30th, at the Bloomberg Cyber Security Conference in Washington D.C., the head of the National Security Agency, General Keith Alexander, said:

“I can tell you factually we do not have access to Google servers, Yahoo servers…We go through a court order. We issue that court order to them through the FBI. And it’s not millions, it’s thousands of those that are done. And it’s almost all against terrorism and other things like that. It has nothing to do with U.S. persons.”

The PRISM program allows the NSA to gather huge amounts of internet communications by legally compelling U.S. tech companies, including Google, to cooperate with officials and turn over all data that matches court approved search queries. That program, also disclosed by Edward Snowden, is authorized under Section 702 of the FISA Amendments Act. PRISM operations are overseen by the Foreign Intelligence Surveillance Court (FISC).

It doesn’t take a rocket scientist to see the clear advantages for the NSA with regard to their decision to intercept communications using MUSCULAR and overseas access points. With less oversight and looser regulations the agency has the ability to collect data from tech giants like Google using “full take”, “bulk access” and “high volume” operations.

These large scale collection operations would be illegal in the United States, however they are taking place overseas. Here the NSA can assume that anyone with information traversing these links must in fact be a foreigner.

What Are The Implications of a Program Like MUSCULAR?

Many people are saying to themselves “Sure, but how does this affect me?”. Most people only think about Google being used for online searches and email. But did you know Google also has privately branded services that are being used by corporations, non-profit organizations and educational institutions?

For example, my own daughter uses Gmail and Google Drive for her school projects. Her school has assigned every student with a Google email address and a login for the school’s Google Drive account. Google Drive is a service where classroom documents are often stored.

In addition, a company that I worked for in the past used “Google Apps for Business” in order to provide email accounts, chat/voice/video conferencing, document storage and calendaring for its employees. By tapping primary Google data center links, the government potentially has access to all types of information.

Google has many service offerings that provide everything from internet searches and email to video conferencing and private data storage. Did you know Google recently bought Motorola Mobility and is now manufacturing mobile phones?

Google is also the creator of the Android software that runs on many mobile phones and internet tablets. Millions of individuals and organizations around the world trust Google to store their data securely away from the prying eyes of hackers and others that would use that information for their own advantage.

To get an idea of how much private information might be traveling across those Google data center links, take a look at the following info-graphic. It only shows a portion of the products offered by Google, but you quickly gain a better understanding of how much data potentially flows across the Google wires.

Google Products…more than just simple email and online searches.

Still think the government only has access to your online search histories and email? One of the coolest/scariest things I’ve noticed recently is the facial recognition software being deployed by Google and other social networking sites like Facebook. Have you ever noticed that when you upload photos of people to a site like Picasa or Facebook, you are immediately prompted to tag the names of other people in the image?

Typically the software has already completed the hard work of identifying individuals for you; all you have to do is confirm the selections made by the underlying program.

Google has added the capability to instantly recognize people, places, objects and text in photographs both on the internet and on your hard drive. Don’t believe me? Watch the following video and then test it for yourself at http://images.google.com.

When you perform your tests try using photos of celebrities, politicians, TV/radio hosts, musicians, local Realtors, and so on. Let me know your results in the comments below this article.

Considering the fact that Google indexes nearly every web page and photograph on the open internet, try to imagine the vast amounts of identity information that must be traveling back and forth on some of those Google data center links. Combine that information with all of the additional data listed in the info-graphic shown earlier and you have a recipe for privacy abuse and identity theft.

Any person or agency with the keys to all of that raw data could easily build complete profiles on hundreds of millions of individual people, places, companies and organizations at will.

What really matters is that we have evolved into a society where we voluntarily surrender this information, and our very right to privacy, to the likes of Google, the NSA and hackers from around the world.

–


Cyber attacks are an unfortunate reality as more and more businesses move their operations online. Earlier in October, Adobe warned customers about a series of “sophisticated attacks” against its network. The Adobe security breach allowed hackers access to private information belonging to nearly 3 million customers. The data that was accessed included user IDs and passwords, customer names, credit card details and customer order information. The hackers also had access to the source code for numerous Adobe products, including the Photoshop family of graphical design software.

In a blog post this week by Brian Krebs, it was revealed that early estimates were far too low and the actual number of customer accounts affected by the breach may have been in the tens of millions. According to Krebs, he has viewed evidence that contained the user names and passwords for tens of millions of accounts apparently taken from Adobe. This past weekend AnonNews.org also posted a link on their website to a 3.8gb file called “users.tar.gz” that reportedly contained information for more than 150 million Adobe user accounts.

AnonNews.org posted a link to a 3.8gb file called “users.tar.gz”

Heather Edell, spokesperson for Adobe, has since confirmed the intrusion to Krebs. She claimed Adobe had just completed an extensive campaign to notify users of the security breach and has reset the passwords of those accounts that were affected.

“So far, our investigation has confirmed that the attackers obtained access to Adobe IDs and (what were at the time valid), encrypted passwords for approximately 38 million active users,” Edell said. “We have completed email notification of these users. We also have reset the passwords for all Adobe IDs with valid, encrypted passwords that we believe were involved in the incident – regardless of whether those users are active or not.”

In addition to changing user passwords, Adobe has arranged for one year of free credit monitoring for those customers who had their credit card data stolen in the incident. Oddly enough, Adobe’s offering of peace comes by way of the Experian credit monitoring system. Experian, one of the three major credit bureaus, is still recovering from a recent security incident that involved the company being tricked into selling consumer records to an identity theft ring.

I recently received one of the letters that Adobe sent out to their customers. The letter confirmed the Adobe servers were attacked between September 11th and September 17th and went on to say that hackers had accessed “customer names, payment card expiration dates, encrypted payment card numbers, and other information relating to customer orders”.

Brad Arkin, Chief Security Officer for Adobe, also said, “In addition, the third party used our systems to decrypt some card numbers.”

Adobe Notification Letter (Part 1)

Adobe Notification Letter (Part 2)

Adobe seems to be taking its customers’ safety seriously. While I would not recommend walking away from their offer for the year of free credit monitoring, as Krebs points out, this kind of service is not guaranteed to catch all forms of identity theft that might arise from an incident such as this. I would concur that Adobe users should also place fraud alerts on their accounts and watch their credit reports more closely.

–


Trustwave, an information security company, recently published a security advisory reporting a vulnerability in the Satis “smart” toilet, manufactured by LIXIL Corporation. The Satis toilets are controlled with an Android app called “My Satis”, which communicates with the toilets over Bluetooth. The vulnerability lies in the fact that the Bluetooth PIN is hard-coded to “0000.” With that information, a hacker would only need to download the “My Satis” app, then pair his mobile device to the toilet using the default code of “0000” and he would have full control of the toilet’s functionality.

The mobile app can control functions of the toilet such as flushing and playing ambient music. Can you imagine sitting on the toilet trying to take care of business and along comes a series of rapid, loud flushes mixed with AC/DC’s Thunderstruck playing at full volume? Sure, it’s not your average high-security cyber attack but it might tend to freak out the average Joe.

Trustwave reports “Attackers could cause the unit to unexpectedly open/close the lid, activate bidet or air-dry functions, causing discomfort or distress to user.”

As of this writing there is no current patch to fix this issue, nor has the manufacturer, LIXIL, replied to any requests for comments.

This is a real-life security issue, but I think milk just came out of my nose when I laughed so hard while thinking of the mayhem a malicious hacker might cause with this vulnerability :-). A question comes to mind almost immediately though. Who really needs a remote controlled toilet anyway?

Let me know what you think in the comments below!

—


XKeyscore is an NSA surveillance tool that provides intelligence analysts with real-time surveillance of your email, chat and browsing history. Tagged keyword terms and phrases may unknowingly put you under government scrutiny.

Yep, the government knows exactly what keywords you search for on Google. Just ask Michele Catalano and her husband about their recent experience. According to Catalano, “joint terrorism task force” officials, driving 3 black SUVs, stormed her home in Long Island, New York over an internet search for the terms “pressure cookers” and “backpacks”. (You can read an important update to this story here)

The National Security Agency operates a world-wide network that collects information from social networks, email, chat, video calls, search engines and more. All of that information is then fed into large databases for storage and easy retrieval. Analysts can then sift through all of that information, with little more than a target’s email address. Once the search is completed, all of the resulting information can be tied together into a profile.

The NSA acknowledges existence of the program but strongly argues that access is limited and targets of the program are foreign nationals. In a press statement the agency said:

“Access to XKEYSCORE, as well as all of NSA’s analytic tools, is limited to only those personnel who require access for their assigned tasks….All of our analytic tools are aimed at information we collect pursuant to lawful authority to respond to foreign intelligence requirements – nothing more.”

The Guardian sees it a little differently. In their recent report on the topic they wrote that XKeyscore may be the widest-reaching program the NSA currently has in their arsenal. They went on to say that the program allows analysts access to “nearly everything a typical user does on the internet” including emails and websites visited.

The report was based on documents recently leaked by NSA whistleblower Edward Snowden, who continues to evade officials. However, the U.S. Government is in hot pursuit of the man they are calling a “traitor”. Recently an airplane carrying Bolivian President Evo Morales was rerouted to Austria because of suspicions that Snowden was on board. In a press conference, Bolivian Vice President Alvaro Garcia said that France, Portugal, Italy and Spain were all responsible for denying the plane permission to fly through their airspace. Bolivian Defense Minister Ruben Saavedra told CNN en Español that he believed the U.S. government was behind the rumors of Snowden being on the plane.

Days later, it was confirmed that Snowden has received political asylum in Russia.

– – –


Cyber criminals are searching for everything from your banking and financial info to your email, Facebook and other social networking passwords. Luckily there are technologies and a few simple practices that can help you stay safer online, as well as offline.

Here are 5 Mandatory Steps that you should follow for protecting data from hacking and eavesdroppers…

1. IMPORTANT: Use Strong Encryption To Protect Your Files

Encryption is the process of encoding a message, or any other data, in such a way that eavesdroppers or hackers cannot read it, but authorized parties can. Today there are many options that provide both software and hardware encryption solutions for protecting your data.

TrueCrypt is free, open-source software that provides automatic, real-time (on-the-fly) and transparent data encryption. With TrueCrypt you can encrypt a single partition or an entire storage device such as a USB flash drive or hard drive.

The safest way to use TrueCrypt is to encrypt the entire storage device or hard drive. At a bare minimum, the partition or drive where Windows is installed should be encrypted.

DataLocker DL3 Encrypted Drive

For those of you who don’t want to install software, there are also several military-grade storage devices that provide hardware-based encryption for data protection. By doing a simple search on Google I was able to find the following 6 options that provide strong hardware-based encryption:

A couple of weeks ago I was able to personally review the DataLocker DL3 encrypted hard drive and I really liked the fact that it was so incredibly easy to use. It also had a lot of cool features like the touch screen display and self destruct mechanism. As DataLocker put it so eloquently, this encrypted hard drive is “Simply Secure”.

* Save 10% on your purchase of any DataLocker Encrypted Drive by using the coupon code “VTHREAT10” (without quotes) on the DataLocker website

Regardless of which encryption solution you decide to use, it is important to remember that this is a mandatory first step in securing your data from prying eyes.

2. CRITICAL: Create A Bulletproof Password

The next step towards reducing the threat of online identity theft should come in the form of a very secure password. The majority of account hacks reported each day are due to the use of insecure passwords. Hackers often make use of automated software and huge word dictionaries in order to brute force account passwords. Using the 15 tips below, you should create a very strong, unique password for every site that you visit on the Internet.

If you have a hard time coming up with a strong password on your own, you can always use a password generator like the iPassword Generator or the free secure password generator found at PasswordsGenerator.net.
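The following is an added example, not code from the original article or from the generators named above. It shows how a generator can draw passwords from the operating system's secure random source and reject anything a dictionary attack would guess, including look-alike substitutions such as "P@ssw0rd". The word list, the 12-character minimum and all function names are assumptions made for this example.

```python
import math
import secrets
import string

# Constructed sample; attackers use wordlists with millions of entries, and a
# real audit would load one of those instead (assumption of this example).
SAMPLE_DICTIONARY = {"password", "letmein", "dragon", "sunshine", "monkey", "football"}

# Substitutions that dictionary tools undo automatically, so "P@ssw0rd" is no
# harder to guess than "password".
LEET_MAP = str.maketrans("0134578@$!", "oleastbasi")

# Character classes a generated password must contain (assumed policy).
CLASSES = (string.ascii_lowercase, string.ascii_uppercase, string.digits, "!#$%&*+-=?@^_")
CLASS_NAMES = ("lowercase", "uppercase", "digit", "symbol")
MIN_LENGTH = 12  # assumed minimum; the article's own tips are not reproduced here


def dictionary_hits(password, words=SAMPLE_DICTIONARY):
    """Return dictionary words found after lowercasing and undoing substitutions."""
    normalized = password.lower().translate(LEET_MAP)
    return sorted(word for word in words if word in normalized)


def audit_password(password, min_length=MIN_LENGTH):
    """Return a list of weaknesses; an empty list means no finding."""
    findings = []
    if len(password) < min_length:
        findings.append(f"shorter than {min_length} characters")
    for name, chars in zip(CLASS_NAMES, CLASSES):
        if not any(ch in chars for ch in password):
            findings.append(f"no {name} character")
    findings.extend(f"dictionary word: {word}" for word in dictionary_hits(password))
    return findings


def generate_password(length=20):
    """Draw a password from the OS CSPRNG and redraw until the audit is clean."""
    if length < MIN_LENGTH:
        raise ValueError(f"length must be at least {MIN_LENGTH}")
    alphabet = "".join(CLASSES)
    while True:
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if not audit_password(candidate):
            return candidate


def random_entropy_bits(length, alphabet_size=sum(len(c) for c in CLASSES)):
    """Entropy of a uniformly random string; it does not apply to human-chosen passwords."""
    return length * math.log2(alphabet_size)


if __name__ == "__main__":
    print("generated:", generate_password())
    print("entropy of 20 random characters: %.1f bits" % random_entropy_bits(20))
    for weak in ("P@ssw0rd!2013", "Dr4g0n"):
        print(weak, "->", audit_password(weak))
```

Generate a separate password for every site, since a password reused across sites is exposed by a breach at any one of them.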

Once you have created your password you should store it on an encrypted hard drive to keep it safe. This is the single best way to limit your exposure to online account takeovers and hackers.

Once you have created a strong password you will need to keep it in a secure place away from prying eyes.

The simplest answer, while managing to achieve at least some acceptable level of security, is to create a password list and store it on an encrypted storage device.

A better answer is to install password management software like LastPass or KeePass on your encrypted drive. Both of these applications are free and they allow you to store all of your passwords in a single encrypted database.

LastPass runs natively on all major platforms including Windows, Mac and Linux. KeePass is geared primarily for Windows users, however the developer’s website claims it has also been tested on Wine. Wine is a compatibility layer that allows you to run Windows applications on Linux, BSD, Solaris and Mac OS X.

The combination of an encrypted hard drive AND password management software provides the best solution for keeping your password list safe from hackers and eavesdroppers.

Cyber criminals are now using various strains of malware, spyware and malicious links to steal your information. Any device that is connected to the internet is a potential attack vector for these types of attacks. In addition, hackers are increasingly using social networks to lead you to websites where they can install malicious software on your devices.

I personally use Lookout Mobile Security software to keep my smartphone safe from malware and other malicious apps. Lookout provides real-time protection for smartphones and tablets running both Android and Apple iOS software (iPhone, iPad, etc). An additional version is also available for the Amazon Kindle Fire HD device.

Facebook is another popular attack vector for hackers. You can use the ESET Social Media Scanner to scan your Facebook account, as well as the timelines of your friends, for malware and links to malicious websites. The ESET Social Media Scanner application also offers an option to scan your local computer for signs of malware. I strongly advise that users run this additional security feature to be certain their computer is safe from threats.

ESET Smart Security 6 is another application worth mentioning for protecting data from hackers. This single application provides all-in-one internet security and comes with an Anti-Theft feature and the Social Media Scanner. There is also a similar version for Mac users called ESET Cyber Security.

One other important piece of security software that I thought I should recommend is called Prey. The Prey Project was developed as an open source anti-theft solution for laptops, phones & tablets and is used by people all around the world. According to the Prey Project website, “Prey lets you keep track of your laptop, phone and tablet whenever stolen or missing — easily and all in one place. It’s lightweight, open source software that gives you full and remote control, 24/7.”

I personally use Prey on all of my electronic devices and love it. I know a friend-of-a-friend, who has Prey installed, that actually was able to recover his laptop after it was stolen while he was living in Costa Rica.

5. ESSENTIAL: Use A Locked-Down Environment For Online Shopping, Banking and Filing Taxes

The best way to stay safe while shopping online and performing financial transactions is to create a secure operating environment. You can build a custom environment yourself by installing various software on an encrypted drive or you can use a solution that provides out-of-the-box protection.

Either way, the goal is to open a new window on your desktop that instantly provides a secure environment for browsing the web and reading web-based email.

Building A Custom Environment:

In order to build a custom environment on an encrypted drive I would suggest installing the latest version of Portable VirtualBox and then downloading your favorite Live CD operating system image to the drive. I had a DataLocker DL3 encrypted hard drive lying around so I decided to create my environment on that.

Portable VirtualBox is a software program that allows you to run Virtual Machines (VMs) on any USB storage device or hard drive. A Live CD is an operating system that runs entirely from memory and typically never writes files to your local hard drive. Each time the Live CD is restarted, it erases all traces and starts up with a fresh environment.

Once Portable VirtualBox is installed and running on the encrypted drive, you can create a new virtual machine with a virtual CD-ROM device attached to the Live CD image file. I personally like to use the latest version of Ubuntu for the Live CD, but you can use your favorite.

Once you have created your virtual machine in Portable VirtualBox you can simply start the machine, wait for it to boot up, and then open a browser to surf the web. Once you are finished browsing the web or checking your email, you can simply close the virtual machine to erase all tracks.

Any malware that you accidentally downloaded during your browsing session would be automatically erased once the virtual machine was shut down or restarted. It is important to note however that any files, bookmarks or configuration changes made while working in the virtual machine will also be lost when the machine is shut down.
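The procedure above can also be scripted. The following added example (not from the original article) verifies the downloaded Live CD image against its published SHA-256 checksum, then builds the `VBoxManage` commands for a virtual machine whose only storage is the read-only image, which is what makes every session start clean. The VM name, the `Ubuntu_64` OS type, the memory size, and `VBoxManage` being reachable on the PATH are assumptions.

```python
import hashlib
import shutil
import subprocess


def sha256_file(path, chunk_size=1 << 20):
    """Hash a file in chunks so a multi-gigabyte ISO is never held in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_live_vm_plan(vm_name, iso_path, expected_sha256, memory_mb=2048):
    """Return the VBoxManage commands for a disk-less VM that boots the Live CD.

    Raises ValueError when the image does not match the checksum published by
    the distribution, so a tampered or corrupted download is never booted.
    """
    actual = sha256_file(iso_path)
    if actual != expected_sha256.strip().lower():
        raise ValueError(f"checksum mismatch for {iso_path}: got {actual}")
    return [
        # Register the VM. Ubuntu_64 is an assumption; use the ID of your image.
        ["VBoxManage", "createvm", "--name", vm_name, "--ostype", "Ubuntu_64", "--register"],
        # Boot from the virtual CD-ROM only.
        ["VBoxManage", "modifyvm", vm_name, "--memory", str(memory_mb),
         "--boot1", "dvd", "--boot2", "none", "--boot3", "none", "--boot4", "none"],
        # One IDE controller carrying the ISO as a DVD drive; no hard disk is added.
        ["VBoxManage", "storagectl", vm_name, "--name", "IDE", "--add", "ide"],
        ["VBoxManage", "storageattach", vm_name, "--storagectl", "IDE",
         "--port", "0", "--device", "0", "--type", "dvddrive", "--medium", iso_path],
    ]


def plan_is_stateless(plan):
    """True when every storage attachment in the plan is a DVD drive."""
    for cmd in plan:
        if "storageattach" in cmd and cmd[cmd.index("--type") + 1] != "dvddrive":
            return False
    return True


def run_plan(plan):
    """Execute the plan, stopping at the first command that fails."""
    if shutil.which("VBoxManage") is None:
        raise RuntimeError("VBoxManage not found on PATH")
    if not plan_is_stateless(plan):
        raise RuntimeError("plan attaches a writable disk; refusing to run")
    for cmd in plan:
        subprocess.run(cmd, check=True)


if __name__ == "__main__":
    import sys
    # Usage: script.py <path-to-iso> <sha256-from-the-distribution-website>
    steps = build_live_vm_plan("secure-browsing", sys.argv[1], sys.argv[2])
    for step in steps:
        print(" ".join(step))
```

The `__main__` section only prints the commands. Call `run_plan` to execute them, then start the machine with `VBoxManage startvm secure-browsing`.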

Encrypt Stick runs on any USB flash drive, installs in seconds, and turns your flash drive into your own Digital Privacy Manager (DPM). The Encrypt Stick developers claim that the software protects your web browsing experience, your passwords and your private files. The software comes with both free and paid options and includes versions that run on Windows and Mac computers.

The Kanguru Defender DualTrust is an all-in-one software and hardware solution that provides encrypted storage as well as secure web browsing. If you are concerned about malware, viruses or spyware on your PC, then this is a great solution for you.

According to the Kanguru website, “The Kanguru Defender DualTrust™ provides complete confidence to pay online bills, do your banking, make purchases and browse online in a safe and secure environment. It opens up a secure, protected browser session, isolating itself from vulnerabilities that could potentially ‘trace your steps’ in an ordinary browser window.”

Simply plug in the Defender DualTrust, create a secure password and the device will boot to a secure web browsing environment. Once you unplug the device, the Defender DualTrust leaves no trace of your session behind.

I think I will try the Kanguru Defender DualTrust this year when filing my taxes online. Maybe you should too.

In Summary:

Whether you are an average internet user who simply uses the web to check email and shop online, or you are a corporate or government user accessing sensitive information, you need to take a few extra security measures in order to protect data from hackers and eavesdroppers.

The 5 steps listed above should be put in place right away in order to get you started on the right path to achieving the highest level of data security while online.

– – –


The operation is a call to all Anonymous “members” and citizens of the world and seeks justice for the “innocent and exploited people being forced into homelessness” because of the “crimes of Goldman Sachs and other firms who have indulged in sinister and criminal practices.”

The official proposal for the operation calls for a release of the Dox on the “CEOs & any and all executives of Goldman Sachs, AIG, Wells Fargo, Chase, Merrill Lynch, and any other guilty party”. The goal of Operation Wall Street is to spread the personal information of those responsible for the crimes to the people who have lost their homes and had their lives destroyed.

According to links that began appearing on Twitter on March 2nd, Anonymous has already released 4.6 gigabytes of data providing the personal information of Wall Street CEOs and other high level executives.

Operation Wall Street releases 4.6GB of data.

Last week the group calling themselves the “Anonymous Intelligence Agency”, or Par:AnoIA, released 14 gigabytes of information implicating Bank of America and others in a massive spying operation. Anonymous claims the data dump proves that Bank of America contracted at least one private intelligence firm to spy on numerous private citizens including hackers and social activists.

“It is no longer tolerable that these men and women get to live in luxury and lawlessness while innocent people are pushed into poverty and people who fight for freedom are prosecuted and demonized.

They must be stopped … OPERATION WALL STREET, must be launched.

We promise not to hurt you once we release your information but we cannot hold the people you screwed over responsible for their actions once they know who you are and where you live. You are not free to escape the consequences of your actions, no one is.